Suhosin is an advanced protection system for PHP installations. It was designed to protect servers and users from known and unknown flaws in PHP applications and the PHP core. Suhosin comes in two independent parts, that can be used separately or in combination. The first part is a small patch against the PHP core, that implements a few low-level protections against bufferoverflows or format string vulnerabilities and the second part is a powerful PHP extension that implements all the other protections.
Installing Suhosin Patch using Source Code
First install php-devel package and then download latest version of suhosin patchusing wget command and unpack it.
# yum install php-devel # wget http://download.suhosin.org/suhosin-0.9.33.tgz # tar -xvf suhosin-0.9.33.tgz
Now following next commands to compile suhosin patch for php installation.
# cd suhosin-0.9.33 # phpize # ./configure # make # make install
Create the suhosin configuration file by adding suhosin extension to it.
# echo 'extension=suhosin.so' > /etc/php.d/suhosin.ini
Restart the web server Apache, Nginx or Lighttpd.
# service httpd restart # service nginx restart # service lighttpd restart
Installing Suhosin Patch using EPEL repository
First, turn on EPEL repo and type the following yum command to install the same:
# yum install php-devel # yum install php-suhosin
Restart the web server Apache, Nginx or Lighttpd.
# service httpd restart # service nginx restart # service lighttpd restart
Verify Suhosin Patch
Type the following command to verify suhosin installation.
# php -v
To find out more information about suhosin patch create the following file under your web server root directory. For example, (/var/www/html/).
# vi phpinfo.php
Add the following lines to it.
Now try to access the page using any web browser and type http://youripaddress/info.php. You will see below screen.
